COPPA 2.0

Children and Teens' Online Privacy Protection Act (COPPA 2.0) (S. 836, 119th Congress)

Would expand COPPA-style protections to teens (13-16) and add stronger constraints including limits on targeted advertising to minors. Often paired politically with KOSA.

Jurisdiction

United States

Enacted

Pending

Effective

TBD

Enforcement

FTC + State AGs

Reintroduced March 4, 2025; in Senate Commerce Committee

Congress.gov

Why It Matters

Fastest path to national "minors privacy" baseline reaching beyond COPPA's under-13 scope.

At a Glance

Applies to

Social PlatformOnline PlatformGaming PlatformGeneral ChatbotAI CompanionCharacter Chatbot Minors-focused

Harms addressed

Child Exposure

Requires

Age Verification Data Minimization User Rights

Who Must Comply

Covered operators of websites/online services accessible to minors under 17

Obligations fall on:

Operator — Operates the platform or service

Safety Provisions

Expands protections to minors 13-16 (beyond COPPA under-13 baseline)
Stronger limits on targeted advertising to minors
Prohibition on transferring minors' data without affirmative consent
"Eraser button" rights for minors' data
Enhanced FTC enforcement authority

Compliance & Enforcement

Penalties

Penalties pending regulatory determination

Primary Source

Congress.gov

https://www.congress.gov/bill/119th-congress/senate-bill/836

View on map

United States

Focus Areas

Mental health & crisis

Child safety

Algorithmic accountability

Active safeguards required

Compliance Help

If enacted: expect stronger age assurance, hard prohibitions on ad-targeting and profiling for minors, enhanced data deletion mechanisms.

See how NOPE helps

Cite This

APA

United States. (n.d.). Children and Teens' Online Privacy Protection Act (COPPA 2.0) (S. 836, 119th Congress).

Related Regulations

In Effect US

COPPA

Baseline US children's data privacy regime. Applies to operators of websites/online services directed to children under 13, and to general-audience services with actual knowledge they collect personal info from under-13 users.

Pending US

KOSA

Would establish duty of care for platforms regarding minor safety. Passed full Senate 91-3 in July 2024; passed Senate Commerce Committee multiple times (2022, 2023). Not yet enacted.

Enacted US-VT

VT AADC

Vermont design code structured to be more litigation-resistant: focuses on data processing harms rather than content-based restrictions. AG rulemaking authority begins July 2025.

In Effect FI

Finland AI Act

Finland's EU AI Act implementation using decentralized supervision model. Traficom serves as single point of contact and coordination authority. Ten market surveillance authorities share enforcement across sectors. New Sanctions Board handles fines over EUR 100,000.

In Effect HU

Hungary AI Act

Hungary's comprehensive AI law implementing the EU AI Act. Designates the National Media and Infocommunications Authority (NMHH) as the primary supervisory authority, with sectoral regulators for specific domains.

In Effect DK

Denmark AI Act

First EU member state to fully implement the EU AI Act. Designates three competent authorities, establishes penalty framework aligned with EU maximums, and grants inspection/enforcement powers. Does not add material requirements beyond EU AI Act.

All regulations Check if this applies to you

Last updated January 22, 2026. Verify against primary sources before relying on this information.